DNS noise
Jimmy Hess
mysidia at gmail.com
Fri Apr 6 18:08:31 UTC 2012
On Fri, Apr 6, 2012 at 12:52 PM, PC <paul4004 at gmail.com> wrote:
> Of course you'd have to actually be running a poorly configured DNS server
> on that IP for this to work...
Right.... was that IP ever running a DNS service?
Picking random IPs to spoof and hope some of the random IPs happen to
be DNS servers
doesn't sound like a very "efficient" attack. It seems like the
attacker would want to
'probe first' before selecting innocent servers to reflect at
Perhaps 2 or 3% of the possible random IPs on the internet actually
run DNS servers
that could possibly respond to spoofed queries?
--
-JH
More information about the NANOG
mailing list